216.73.217.98

CVE-2026-33699

· Published 27/03/2026 01:16 · Modified 27/03/2026 01:16

Labels: CVE-2026-33699 2026-03-27CVE-2026-33699CWE-835[email protected]

Essential information

Published
27/03/2026 01:16
Modified
27/03/2026 01:16
Author
Creator
CVSS
4.6 MEDIUM (v3) 4.6 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
pypdf / pypdf cpe:2.3:a:pypdf:pypdf:<6.9.2:*:*:*:*:*:*:*

References